diff --git a/common/src/main/java/com/jeesite/common/web/http/ServletUtils.java b/common/src/main/java/com/jeesite/common/web/http/ServletUtils.java
index 4d6041de..158a6d0d 100644
--- a/common/src/main/java/com/jeesite/common/web/http/ServletUtils.java
+++ b/common/src/main/java/com/jeesite/common/web/http/ServletUtils.java
@@ -78,6 +78,21 @@ public class ServletUtils {
 		return response;
 	}
 	
+	/**
+	 * 支持AJAX的页面跳转
+	 */
+	public static void redirectUrl(HttpServletRequest request, HttpServletResponse response, String url){
+		try {
+			if (ServletUtils.isAjaxRequest(request)){
+				request.getRequestDispatcher(url).forward(request, response); // AJAX不支持Redirect改用Forward
+			}else{
+				response.sendRedirect(request.getContextPath() + url);
+			}
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+	}
+	
 	/**
 	 * 是否是Ajax异步请求
 	 * @param request
@@ -173,9 +188,10 @@ public class ServletUtils {
 				resultMap.put("data", data);
 			}
 		}
-		HttpServletRequest request = ServletUtils.getRequest();
+		HttpServletRequest request = getRequest();
 		String uri = request.getRequestURI();
-		if (StringUtils.endsWithIgnoreCase(uri, ".xml")){
+		if (StringUtils.endsWithIgnoreCase(uri, ".xml") || StringUtils
+				.equalsIgnoreCase(request.getParameter("__ajax"), "xml")){
 			return XmlMapper.toXml(resultMap);
 		}else{
 			String functionName = request.getParameter("__callback");
@@ -202,7 +218,7 @@ public class ServletUtils {
 	/**
 	 * 直接将结果JSON字符串渲染到客户端（支持JsonP，请求参数加：__callback=回调函数名）
 	 * @param response 渲染对象：{result:'true',message:'',data:{}}
-	 * @param result Global.TRUE or Globle.False
+	 * @param result 结果标识：Global.TRUE or Globle.False
 	 * @param message 执行消息
 	 * @param data 消息数据
 	 * @return null
@@ -212,16 +228,18 @@ public class ServletUtils {
 	}
 	
 	/**
-	 * 将对象转换为JSON字符串渲染到客户端（支持JsonP，请求参数加：__callback=回调函数名）
+	 * 将对象转换为JSON、XML、JSONP字符串渲染到客户端（JsonP，请求参数加：__callback=回调函数名）
+	 * @param request 请求对象，用来得到输出格式的指令：JSON、XML、JSONP
 	 * @param response 渲染对象
 	 * @param object 待转换JSON并渲染的对象
 	 * @return null
 	 */
 	public static String renderObject(HttpServletResponse response, Object object) {
-		HttpServletRequest request = ServletUtils.getRequest();
+		HttpServletRequest request = getRequest();
 		String uri = request.getRequestURI();
-		if (StringUtils.endsWithIgnoreCase(uri, ".xml")){
-			return XmlMapper.toXml(object);
+		if (StringUtils.endsWithIgnoreCase(uri, ".xml") || StringUtils
+				.equalsIgnoreCase(request.getParameter("__ajax"), "xml")){
+			return renderString(response, XmlMapper.toXml(object));
 		}else{
 			String functionName = request.getParameter("__callback");
 			if (StringUtils.isNotBlank(functionName)){
@@ -250,8 +268,18 @@ public class ServletUtils {
 	 */
 	public static String renderString(HttpServletResponse response, String string, String type) {
 		try {
-//			response.reset(); // 先注释掉，否则以前设置的Header会被清理掉，如ajax登录设置记住我Cookie
-	        response.setContentType(type == null ? "application/json" : type);
+//			response.reset(); // 注释掉，否则以前设置的Header会被清理掉，如ajax登录设置记住我的Cookie信息
+			if (type == null){
+				if ((StringUtils.startsWith(string, "{") && StringUtils.endsWith(string, "}"))
+						|| (StringUtils.startsWith(string, "[") && StringUtils.endsWith(string, "]"))){
+					type = "application/json";
+				}else if (StringUtils.startsWith(string, "<") && StringUtils.endsWith(string, ">")){
+					type = "application/xml";
+				}else{
+					type = "text/html";
+				}
+			}
+			response.setContentType(type);
 	        response.setCharacterEncoding("utf-8");
 			response.getWriter().print(string);
 		} catch (IOException e) {
diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
index 5db60e49..36a828e0 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
@@ -54,7 +54,8 @@ public class LoginController extends BaseController{
 		if (StringUtils.containsIgnoreCase(request.getRequestURI(), ";JSESSIONID=")){
 			String queryString = request.getQueryString();
 			queryString = queryString == null ? "" : "?" + queryString;
-			return REDIRECT + adminPath + "/login" + queryString;
+			ServletUtils.redirectUrl(request, response, adminPath + "/login" + queryString);
+			return null;
 		}
 
 		LoginInfo loginInfo = UserUtils.getLoginInfo();
@@ -63,16 +64,8 @@ public class LoginController extends BaseController{
 		if(loginInfo != null){
 			String queryString = request.getQueryString();
 			queryString = queryString == null ? "" : "?" + queryString;
-			String indexUrl = adminPath + "/index" + queryString;
-			if (ServletUtils.isAjaxRequest(request)){
-				try {
-					request.getRequestDispatcher(indexUrl).forward(request, response); // AJAX不支持Redirect改用Forward
-				} catch (Exception ex) {
-					logger.error(ex.getMessage(), ex);
-				}
-				return null;
-			}
-			return REDIRECT + indexUrl;
+			ServletUtils.redirectUrl(request, response, adminPath + "/index" + queryString);
+			return null;
 		}
 		
 		// 如果是登录操作，跳转到此，则认为是登录失败（支持GET登录时传递__login=true参数）
@@ -130,16 +123,8 @@ public class LoginController extends BaseController{
 		if(loginInfo != null){
 			String queryString = request.getQueryString();
 			queryString = queryString == null ? "" : "?" + queryString;
-			String indexUrl = adminPath + "/index" + queryString;
-			if (ServletUtils.isAjaxRequest(request)){
-				try {
-					request.getRequestDispatcher(indexUrl).forward(request, response); // AJAX不支持Redirect改用Forward
-				} catch (Exception ex) {
-					logger.error(ex.getMessage(), ex);
-				}
-				return null;
-			}
-			return REDIRECT + indexUrl;
+			ServletUtils.redirectUrl(request, response, adminPath + "/index" + queryString);
+			return null;
 		}
 		
 		String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
@@ -202,12 +187,16 @@ public class LoginController extends BaseController{
 		if (StringUtils.containsIgnoreCase(request.getRequestURI(), ";JSESSIONID=")){
 			String queryString = request.getQueryString();
 			queryString = queryString == null ? "" : "?" + queryString;
-			return REDIRECT + adminPath + "/index" + queryString;
+			ServletUtils.redirectUrl(request, response, adminPath + "/index" + queryString);
+			return null;
 		}
 
 		// 验证下用户权限，以便调用doGetAuthorizationInfo方法，保存单点登录登出句柄
 		if (!SecurityUtils.getSubject().isPermitted("user")){
-			return REDIRECT + adminPath + "/login";
+			String queryString = request.getQueryString();
+			queryString = queryString == null ? "" : "?" + queryString;
+			ServletUtils.redirectUrl(request, response, adminPath + "/login" + queryString);
+			return null;
 		}
 
 		//获取登录用户信息
@@ -216,14 +205,20 @@ public class LoginController extends BaseController{
 		// 未加载shiro模块时会为空，直接访问则提示操作权限不足。
 		if(loginInfo == null){
 			UserUtils.getSubject().logout();
-			return REDIRECT + adminPath + "/login";
+			String queryString = request.getQueryString();
+			queryString = queryString == null ? "" : "?" + queryString;
+			ServletUtils.redirectUrl(request, response, adminPath + "/login" + queryString);
+			return null;
 		}
 		
 		// 当前用户对象信息
 		User user = UserUtils.get(loginInfo.getId());
 		if (user == null){
 			UserUtils.getSubject().logout();
-			return REDIRECT + adminPath + "/login";
+			String queryString = request.getQueryString();
+			queryString = queryString == null ? "" : "?" + queryString;
+			ServletUtils.redirectUrl(request, response, adminPath + "/login" + queryString);
+			return null;
 		}
 		model.addAttribute("user", user); // 设置当前用户信息